by John Pescatore | June 12, 2009 | 2 Comments
Nice piece in Network World on how DISA uses software vulnerability testing, penetration testing, red teams, etc early and often… Of course, you may say “they also can afford to buy $5,000 coffee pots” but the reality is that approach saves them money overall… Imagine if they used their purchasing power to push those requirements [...]
Category: Uncategorized Tags:
by John Pescatore | June 10, 2009 | Submit a Comment
Huge number of patches for critical vulnerabilities came out this week from Adobe, Apple, Microsoft and RIM. Most will require machines to be rebooted in order to “take” – those are often the patches that cause the most problems. Many SLAs show 95% patching within 5 business days just becaused the patch was pushed – [...]
Category: Uncategorized Tags:
by John Pescatore | June 9, 2009 | Submit a Comment
Application developers: start making all your applications DNSSEC-aware ASAP. ISPs: you, too. (Paul Twomey, ICANN president, had a more eloquent, but longer-winded, version here.)
Category: Uncategorized Tags:
by John Pescatore | June 8, 2009 | 4 Comments
The Wall Street Journal reports that the Chinese government has told PC manufacturers that all PCs sold after July 1, 2009 must include web filtering software. The stated intent is to protect young people from “harmful” content. The stated aim is to block access to pornographic sites. The Chinese government even specified the product that [...]
Category: Uncategorized Tags:
by John Pescatore | June 5, 2009 | Submit a Comment
NIST reported that NIST, NTIA, ICANN and Verisign had agreed on an Interim plan to: “The parties are working on an interim approach to deployment, by year’s end, of a security technology — Domain Name System Security Extensions (DNSSEC) — at the authoritative root zone (i.e., the address book) of the Internet. There will be [...]
Category: Uncategorized Tags:
by John Pescatore | June 4, 2009 | Submit a Comment
The Obama administration has come in wanting to make much greater use of the Internet than the preceding Bush administration. The Obama folks were amazed that Blackberries and Facebook and texting weren’t in use. In 1993, the Clinton administration came in wanting to make much greater use of the Internet than the preceding Bush (Sr.) [...]
Category: Uncategorized Tags:
by John Pescatore | June 3, 2009 | Submit a Comment
Just a few short weeks ago, incoming Secretary of Energy Steven Chu gave a speech where he was quoted by Federal Computer Week as saying: “Do we have the right balance between keeping our IT secure from viruses to how it compromises productivity?” … Terrible accidents and financial waste are bad things, he said, but [...]
Category: Uncategorized Tags:
by John Pescatore | June 2, 2009 | Submit a Comment
One in sixty Internet searches return dangerous sites – high-buzz terms are riskiest. Source: McAfee “The Web’s Most Dangerous Search Terms“
Category: Uncategorized Tags:
by John Pescatore | June 1, 2009 | 6 Comments
I’m putting together an Event note for Gartner clients analyzing the “Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure” report announced to great fanfare on Friday. I’ve actually read through the 76 pages and will make more detailed comments in the research note but here’s the short, blog for free summary: [...]
Category: Uncategorized Tags:
